
Training


conlan

Presentation Transcript


  1. Training 2017/10/18

  2. scenario

  3. Router • Crossover • IP forward • 鳥哥的 Linux 私房菜 • http://linux.vbird.org/linux_server/0230router.php#route • Route • 鳥哥的 Linux 私房菜 • http://linux.vbird.org/linux_server/0140networkcommand.php#route • Backdoor

  4. Backdoor program /usr/src/kernels/fedora/include/linux/skbuff.h

  5. • Defined as a function in: net/ipv4/ip_input.c, line 379 • Defined as a function prototype in: include/net/ip.h, line 93 • Referenced (in 3 files total) in: include/net/ip.h, line 93; net/ipv4/af_inet.c, line 1560; net/ipv4/ip_input.c, line 379

  6. Backdoor program(1/2) • /usr/src/kernel/linux-2.26.2/net/ipv4/ip_input.c

  7. Backdoor program(2/2) • /usr/src/kernel/linux-2.26.2/net/ipv4/ip_output.c

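  8. Hook pointers added to the kernel source

          /* Receive side: hook pointer, NULL until a module assigns it. */
          int (*input_queue)(struct sk_buff *skb) = 0;
          EXPORT_SYMBOL(input_queue);

          /* In the receive path: call the hook only if one is registered. */
          if (input_queue) {
                  input_queue(skb);
          }

          /* Send side: same pattern. */
          int (*output_queue)(struct sk_buff *skb) = 0;
          EXPORT_SYMBOL(output_queue);

          if (output_queue) {
                  output_queue(skb);
          }

          /* A module that sets either pointer must reset it to 0 before
           * rmmod, or the kernel will call into freed module memory. */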

  9. Kernel setup • Compile linux kernel • make all • make modules_install • make install • http://linux.vbird.org/linux_basic/0540kernel.php#make

  10. Application • VOIP • asterisk • Video streaming • darwin • TCP Socket

  11. VOIP Installation (1/7) • Run "./configure"

  12. Installation (2/7) • Run "make menuselect" [optional]

  13. Installation (3/7) • Run "make"

  14. Installation (4/7) • Run "make install"

  15. Installation (5/7) • Finally, you can launch Asterisk with: • # asterisk -vvvc

  16. Installation (6/7) • You can type "core show help" at any time to get help with the system.

  17. Installation (7/7)

  18. Starting • Asterisk • /etc/asterisk/sip.conf • /etc/asterisk/extensions.conf • Install softphone • e.g. Linphone, X-Lite

  19. VOD • Server: Darwin (5.5.5) • Client: VLC player • MP4Box: MP4 hint track • rtsp://127.0.0.1/example.mp4

  20. Installation • tar zxf DarwinStreamingSrvr5.5.5-Linux.tar.gz • cd DarwinStreamingSrvrlinux-Linux • ./Install • Please enter a new administrator user name: user_name • Please enter a new administrator Password: your_password

  21. Starting • sudo /usr/local/sbin/DarwinStreamingServer • sudo /usr/local/sbin/streamingadminserver.pl • http://darwin.streaming.server:1220/

  22. TCP socket

  23. TCP socket server

  24. TCP socket client

  25. module • Use a makefile to compile the program • make all • Insert the program into the kernel as a module • insmod input_queue.ko • rmmod input_queue • lsmod • https://blog.wu-boy.com/2010/06/linux-kernel-driver-%E6%92%B0%E5%AF%AB%E7%B0%A1%E5%96%AE-hello-world-module-part-1/

  26. IP header

  27. TCP/ UDP header

  28. RTP Header

  29. AWK • http://wanggen.myweb.hinet.net/ach3/ach3.html?MywebPageId=2017171508212480715#awk_prog

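  30. IP Layer

          #include <linux/kernel.h>   /* printk */
          #include <linux/skbuff.h>
          #include <linux/in.h>       /* IPPROTO_UDP */
          #include <linux/ip.h>
          #include <linux/tcp.h>
          #include <linux/udp.h>

          /* Hook body: dumps the headers of each packet it is handed. */
          int count(struct sk_buff *skb)
          {
                  struct iphdr *iph;
                  struct tcphdr *tcph;
                  struct udphdr *udph;
                  struct timeval tv;
                  static int total_packet = 0;
                  static int last_timestamp = 0;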

  31. IP Layer

                  iph = skb->nh.iph;
                  printk("=================IP=================\n");
                  /* IP header; multi-byte fields are converted from network byte order */
                  printk("Version = %d\n", iph->version);
                  printk("IHL = %d\n", iph->ihl * 4);               /* header length in bytes */
                  printk("Type of Service = %d\n", iph->tos);
                  printk("Total Length = %d\n", ntohs(iph->tot_len));
                  printk("Identification = %d\n", ntohs(iph->id));
                  /* low 13 bits are the offset; the top 3 bits are flags */
                  printk("Fragmentation Offset = %d\n", ntohs(iph->frag_off) & 0x1FFF);
                  printk("Time to live = %d\n", iph->ttl);
                  printk("Protocol = %d\n", iph->protocol);

  32. IP Layer

                  printk("Header Checksum = 0x%x\n", ntohs(iph->check));
                  /* source address: bytes 12-15 of the IP header */
                  printk("Source Address = %d.%d.%d.%d\n",
                         *(skb->nh.raw + 12), *(skb->nh.raw + 13),
                         *(skb->nh.raw + 14), *(skb->nh.raw + 15));
                  /* destination address: bytes 16-19 of the IP header */
                  printk("Destination Address = %d.%d.%d.%d\n",
                         *(skb->nh.raw + 16), *(skb->nh.raw + 17),
                         *(skb->nh.raw + 18), *(skb->nh.raw + 19));

  33. TCP Layer

                  if (iph->protocol == IPPROTO_UDP) {
                          /* UDP header starts right after the IP header (IHL * 4 bytes).
                           * No length check is made here: the code assumes the full
                           * UDP header is present in the buffer. */
                          printk("================UDP=================\n");
                          udph = (struct udphdr *)(skb->nh.raw + iph->ihl * 4);
                          printk("Source Port = %d\n", ntohs(udph->source));
                          printk("Destination Port = %d\n", ntohs(udph->dest));
                          printk("Segment Length = %d\n", ntohs(udph->len));
                          printk("Checksum = 0x%x\n", ntohs(udph->check));
                  }
                  return 0;
          }
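Slides 30 to 33 read the UDP header at nh.raw + ihl*4 without checking any length. As an added example (not code from the presentation), here is the same field extraction in user-space C with the length checks a packet inspector needs before it trusts IHL, Total Length, or the UDP Length field. The struct name, function names, and sample packet are constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Fields pulled out of one IPv4/UDP packet (names are this example's own). */
struct udp_info {
    uint8_t  src[4], dst[4];
    uint16_t sport, dport, udp_len;
};

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Returns 0 and fills *out for a well-formed, unfragmented IPv4/UDP packet;
 * a negative code names the check that failed. Checksums are not verified. */
int parse_ipv4_udp(const uint8_t *pkt, size_t len, struct udp_info *out)
{
    if (len < 20)                     return -1; /* shorter than a minimal IP header */
    if ((pkt[0] >> 4) != 4)           return -2; /* Version is not 4 */
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4;
    if (ihl < 20 || ihl > len)        return -3; /* bad IHL, or options run past buffer */
    size_t tot = be16(pkt + 2);
    if (tot < ihl || tot > len)       return -4; /* Total Length disagrees with buffer */
    if (pkt[9] != 17)                 return -5; /* Protocol is not UDP */
    if (be16(pkt + 6) & 0x3fff)       return -6; /* fragment: MF set or offset != 0 */
    if (tot - ihl < 8)                return -7; /* no room for a UDP header */
    const uint8_t *udp = pkt + ihl;
    uint16_t ulen = be16(udp + 4);
    if (ulen < 8 || ulen > tot - ihl) return -8; /* UDP Length inconsistent */
    for (int i = 0; i < 4; i++) { out->src[i] = pkt[12 + i]; out->dst[i] = pkt[16 + i]; }
    out->sport = be16(udp);
    out->dport = be16(udp + 2);
    out->udp_len = ulen;
    return 0;
}

/* Constructed sample: 192.0.2.1:5060 -> 192.0.2.2:5060, 4-byte payload. */
static const uint8_t sample[] = {
    0x45,0x00,0x00,0x20, 0x00,0x01,0x00,0x00, 0x40,0x11,0x00,0x00,
    192,0,2,1, 192,0,2,2,
    0x13,0xc4,0x13,0xc4, 0x00,0x0c,0x00,0x00, 'p','i','n','g'
};

int main(void)
{
    struct udp_info u = {0};
    int rc = parse_ipv4_udp(sample, sizeof sample, &u);
    printf("rc=%d sport=%u dport=%u len=%u\n", rc, u.sport, u.dport, u.udp_len);
    return rc;
}
```

In the kernel hook itself the same idea applies: compare the computed header offset against the length of the data actually present in the skb before dereferencing `udph`.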
